43GSsl::OpenSSL::LibraryImp::LibraryImp(
G::StringArray & library_config , Library::LogFn log_fn ,
bool verbose ) :
46 m_config(library_config)
51 GDEF_IGNORE_RETURN RAND_status() ;
54 m_index = SSL_get_ex_new_index( 0 ,
nullptr ,
nullptr ,
nullptr ,
nullptr ) ;
58 throw Error(
"SSL_get_ex_new_index" ) ;
62GSsl::OpenSSL::LibraryImp::~LibraryImp()
67void GSsl::OpenSSL::LibraryImp::cleanup()
71std::string GSsl::OpenSSL::LibraryImp::sid()
73 std::string v = OpenSSL_version(OPENSSL_VERSION) ;
87std::string GSsl::OpenSSL::LibraryImp::credit(
const std::string & prefix ,
const std::string & eol ,
const std::string & eot )
89 std::ostringstream ss ;
91 << prefix <<
"This product includes software developed by the OpenSSL Project" << eol
92 << prefix <<
"for use in the OpenSSL Toolkit (http://www.openssl.org/)" << eol
98 const std::string & key_file ,
const std::string & cert_file ,
const std::string & ca_file ,
99 const std::string & default_peer_certificate_name ,
const std::string & default_peer_host_name ,
100 const std::string & profile_config )
102 std::shared_ptr<ProfileImp> profile_ptr =
103 std::make_shared<ProfileImp>(*
this,is_server_profile,key_file,cert_file,ca_file,
104 default_peer_certificate_name,default_peer_host_name,profile_config) ;
105 m_profile_map.insert( Map::value_type(profile_name,profile_ptr) ) ;
110 auto p = m_profile_map.find( profile_name ) ;
111 return p != m_profile_map.end() ;
116 auto p = m_profile_map.find( profile_name ) ;
117 if( p == m_profile_map.end() )
throw Error( std::string(
"no such profile: [").append(profile_name).append(1U,
']') ) ;
118 return *(*p).second ;
121GSsl::Library::LogFn GSsl::OpenSSL::LibraryImp::log()
const
126bool GSsl::OpenSSL::LibraryImp::verbose()
const
131int GSsl::OpenSSL::LibraryImp::index()
const
140 result.emplace_back(
"SHA512" ) ;
141 result.emplace_back(
"SHA256" ) ;
142 result.emplace_back(
"SHA1" ) ;
143 result.emplace_back(
"MD5" ) ;
149 return Digester( std::make_unique<GSsl::OpenSSL::DigesterImp>(hash_type,state,need_state) ) ;
152GSsl::OpenSSL::DigesterImp::DigesterImp(
const std::string & hash_type ,
const std::string & state ,
bool need_state )
154 bool have_state = !state.empty() ;
156 #if GCONFIG_HAVE_OPENSSL_HASH_FUNCTIONS
157 if( hash_type ==
"MD5" && ( have_state || need_state ) )
159 m_hash_type = Type::Md5 ;
165 m_state_size = m_value_size + 4U ;
167 else if( hash_type ==
"SHA1" && ( have_state || need_state ) )
169 m_hash_type = Type::Sha1 ;
170 SHA1_Init( &m_sha1 ) ;
175 m_state_size = m_value_size + 4U ;
177 else if( hash_type ==
"SHA256" && ( have_state || need_state ) )
179 m_hash_type = Type::Sha256 ;
180 SHA256_Init( &m_sha256 ) ;
185 m_state_size = m_value_size + 4U ;
189 if( m_state_size == 0U )
191 if( have_state || need_state )
192 throw Error( std::string(
"hash state restoration not implemented for ").append(hash_type) ) ;
194 m_hash_type = Type::Other ;
195 m_evp_ctx = EVP_MD_CTX_create() ;
197 const EVP_MD * md = EVP_get_digestbyname( hash_type.c_str() ) ;
199 throw Error( std::string(
"unsupported hash function name: [").append(hash_type).append(1U,
']') ) ;
201 m_block_size =
static_cast<std::size_t
>( EVP_MD_block_size(md) ) ;
202 m_value_size =
static_cast<std::size_t
>( EVP_MD_size(md) ) ;
204 EVP_DigestInit_ex( m_evp_ctx , md ,
nullptr ) ;
208GSsl::OpenSSL::DigesterImp::~DigesterImp()
210 if( m_hash_type == Type::Other )
211 EVP_MD_CTX_destroy( m_evp_ctx ) ;
216 return m_block_size ;
221 return m_value_size ;
226 return m_state_size ;
231 #if GCONFIG_HAVE_OPENSSL_HASH_FUNCTIONS
232 if( m_hash_type == Type::Md5 )
234 else if( m_hash_type == Type::Sha1 )
236 else if( m_hash_type == Type::Sha256 )
244 #if GCONFIG_HAVE_OPENSSL_HASH_FUNCTIONS
245 if( m_hash_type == Type::Md5 )
246 MD5_Update( &m_md5 , data.data() , data.size() ) ;
247 else if( m_hash_type == Type::Sha1 )
248 SHA1_Update( &m_sha1 , data.data() , data.size() ) ;
249 else if( m_hash_type == Type::Sha256 )
250 SHA256_Update( &m_sha256 , data.data() , data.size() ) ;
252 EVP_DigestUpdate( m_evp_ctx , data.data() , data.size() ) ;
254 EVP_DigestUpdate( m_evp_ctx , data.data() , data.size() ) ;
260 std::vector<unsigned char> output ;
262 #if GCONFIG_HAVE_OPENSSL_HASH_FUNCTIONS
263 if( m_hash_type == Type::Md5 )
265 n = MD5_DIGEST_LENGTH ;
267 MD5_Final( output.data() , &m_md5 ) ;
269 else if( m_hash_type == Type::Sha1 )
271 n = SHA_DIGEST_LENGTH ;
273 SHA1_Final( output.data() , &m_sha1 ) ;
275 else if( m_hash_type == Type::Sha256 )
277 n = SHA256_DIGEST_LENGTH ;
279 SHA256_Final( output.data() , &m_sha256 ) ;
284 unsigned int output_size = 0 ;
285 output.resize( EVP_MAX_MD_SIZE ) ;
286 EVP_DigestFinal_ex( m_evp_ctx , output.data() , &output_size ) ;
287 n =
static_cast<std::size_t
>(output_size) ;
289 G_ASSERT( n == valuesize() ) ;
290 const char * p =
reinterpret_cast<char*
>(output.data()) ;
296GSsl::OpenSSL::ProfileImp::ProfileImp(
const LibraryImp & library_imp ,
bool is_server_profile ,
297 const std::string & key_file ,
const std::string & cert_file ,
const std::string & ca_path ,
298 const std::string & default_peer_certificate_name ,
const std::string & default_peer_host_name ,
299 const std::string & profile_config ) :
300 m_library_imp(library_imp) ,
301 m_default_peer_certificate_name(default_peer_certificate_name) ,
302 m_default_peer_host_name(default_peer_host_name) ,
303 m_ssl_ctx(nullptr,
std::function<void(SSL_CTX*)>(deleter))
307 Config extra_config = m_library_imp.config() ;
308 if( !profile_config.empty() )
311 extra_config = Config( profile_config_list ) ;
312 if( !profile_config_list.empty() )
313 G_WARNING(
"GSsl::OpenSSL::ProfileImp::ctor: tls-config: tls " << (is_server_profile?
"server":
"client")
314 <<
" profile configuration ignored: [" <<
G::Str::join(
",",profile_config_list) <<
"]" ) ;
317 if( m_ssl_ctx ==
nullptr )
319 Config::Fn version_fn = extra_config.fn( is_server_profile ) ;
320 m_ssl_ctx.reset( SSL_CTX_new( version_fn() ) ) ;
321 if( m_ssl_ctx !=
nullptr )
322 apply( extra_config ) ;
325 if( m_ssl_ctx ==
nullptr )
326 throw Error(
"SSL_CTX_new" , ERR_get_error() ) ;
328 if( !key_file.empty() )
332 G_WARNING(
"GSsl::Profile: " << format(
txt(
"cannot open ssl key file: %1%")) % key_file ) ;
334 check( SSL_CTX_use_PrivateKey_file(m_ssl_ctx.get(),key_file.c_str(),SSL_FILETYPE_PEM) ,
335 "use_PrivateKey_file" , key_file ) ;
338 if( !cert_file.empty() )
342 G_WARNING(
"GSsl::Profile: " << format(
txt(
"cannot open ssl certificate file: %1%")) % cert_file ) ;
344 check( SSL_CTX_use_certificate_chain_file(m_ssl_ctx.get(),cert_file.c_str()) ,
345 "use_certificate_chain_file" , cert_file ) ;
348 if( ca_path.empty() )
352 SSL_CTX_set_verify( m_ssl_ctx.get() , SSL_VERIFY_PEER , verifyPass ) ;
354 else if( ca_path ==
"<none>" )
357 SSL_CTX_set_verify( m_ssl_ctx.get() , SSL_VERIFY_NONE ,
nullptr ) ;
359 else if( ca_path ==
"<default>" )
362 bool no_verify = extra_config.noverify() ;
363 SSL_CTX_set_verify( m_ssl_ctx.get() , no_verify ? SSL_VERIFY_NONE : (SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT) , verifyPeerName ) ;
364 check( SSL_CTX_set_default_verify_paths( m_ssl_ctx.get() ) ,
"set_default_verify_paths" ) ;
370 const char * ca_file_p = ca_path_is_dir ? nullptr : ca_path.c_str() ;
371 const char * ca_dir_p = ca_path_is_dir ? ca_path.c_str() : nullptr ;
372 bool no_verify = extra_config.noverify() ;
373 SSL_CTX_set_verify( m_ssl_ctx.get() , no_verify ? SSL_VERIFY_NONE : (SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT) , verifyPeerName ) ;
374 check( SSL_CTX_load_verify_locations( m_ssl_ctx.get() , ca_file_p , ca_dir_p ) ,
"load_verify_locations" , ca_path ) ;
377 SSL_CTX_set_cipher_list( m_ssl_ctx.get() ,
"DEFAULT" ) ;
378 SSL_CTX_set_session_cache_mode( m_ssl_ctx.get() , SSL_SESS_CACHE_OFF ) ;
379 if( is_server_profile )
382 SSL_CTX_set_session_id_context( m_ssl_ctx.get() ,
reinterpret_cast<const unsigned char *
>(x.data()) ,
static_cast<unsigned>(x.size()) ) ;
386GSsl::OpenSSL::ProfileImp::~ProfileImp()
389void GSsl::OpenSSL::ProfileImp::deleter( SSL_CTX * p )
396 const std::string & peer_host_name )
const
398 return std::make_unique<OpenSSL::ProtocolImp>( *
this ,
399 peer_certificate_name.empty()?defaultPeerCertificateName():peer_certificate_name ,
400 peer_host_name.empty()?defaultPeerHostName():peer_host_name ) ;
403SSL_CTX * GSsl::OpenSSL::ProfileImp::p()
const
405 return const_cast<SSL_CTX*
>( m_ssl_ctx.get() ) ;
408const GSsl::OpenSSL::LibraryImp & GSsl::OpenSSL::ProfileImp::lib()
const
410 return m_library_imp ;
413const std::string & GSsl::OpenSSL::ProfileImp::defaultPeerCertificateName()
const
415 return m_default_peer_certificate_name ;
418const std::string & GSsl::OpenSSL::ProfileImp::defaultPeerHostName()
const
420 return m_default_peer_host_name ;
423void GSsl::OpenSSL::ProfileImp::check(
int rc ,
const std::string & fnname_tail ,
const std::string & file )
427 std::string fnname =
"SSL_CTX_" + fnname_tail ;
428 throw Error( fnname , ERR_get_error() , file ) ;
432void GSsl::OpenSSL::ProfileImp::apply(
const Config & config )
434 #if GCONFIG_HAVE_OPENSSL_MIN_MAX
435 GDEF_WARNING_DISABLE_START( 4244 )
438 SSL_CTX_set_min_proto_version( m_ssl_ctx.get() , config.min_() ) ;
441 SSL_CTX_set_max_proto_version( m_ssl_ctx.get() , config.max_() ) ;
443 GDEF_WARNING_DISABLE_END
446 if( config.reset() != 0L )
447 SSL_CTX_clear_options( m_ssl_ctx.get() , config.reset() ) ;
449 if( config.set() != 0L )
450 SSL_CTX_set_options( m_ssl_ctx.get() , config.set() ) ;
453int GSsl::OpenSSL::ProfileImp::verifyPass(
int , X509_STORE_CTX * )
458int GSsl::OpenSSL::ProfileImp::verifyPeerName(
int ok , X509_STORE_CTX * ctx )
462 if( ok && X509_STORE_CTX_get_error_depth(ctx) == 0 )
464 SSL * ssl =
static_cast<SSL*
>( X509_STORE_CTX_get_ex_data( ctx , SSL_get_ex_data_X509_STORE_CTX_idx() ) ) ;
468 OpenSSL::LibraryImp & library =
dynamic_cast<OpenSSL::LibraryImp&
>( Library::impstance() ) ;
469 OpenSSL::ProtocolImp * protocol =
static_cast<OpenSSL::ProtocolImp*
>( SSL_get_ex_data(ssl,library.index()) ) ;
470 if( protocol ==
nullptr )
473 std::string required_peer_certificate_name = protocol->requiredPeerCertificateName() ;
474 if( !required_peer_certificate_name.empty() )
476 X509 * cert = X509_STORE_CTX_get_current_cert( ctx ) ;
477 std::string subject = name(X509_get_subject_name(cert)) ;
479 bool found = std::find( subject_parts.begin() , subject_parts.end() ,
"CN="+required_peer_certificate_name ) != subject_parts.end() ;
480 library.log()( 2 , std::string(
"certificate-subject=[")
482 .append(
"] required-peer-name=[")
483 .append(required_peer_certificate_name)
484 .append(
"] ok=").append(1U,found?
'1':
'0') ) ;
499std::string GSsl::OpenSSL::ProfileImp::name( X509_NAME * x509_name )
501 if( x509_name ==
nullptr )
return {} ;
502 std::vector<char> buffer( 2048U ) ;
503 X509_NAME_oneline( x509_name , buffer.data() ,
static_cast<int>(buffer.size()) ) ;
504 buffer.back() =
'\0' ;
510GSsl::OpenSSL::ProtocolImp::ProtocolImp(
const ProfileImp & profile ,
const std::string & required_peer_certificate_name ,
511 const std::string & target_peer_host_name ) :
512 m_ssl(nullptr,
std::function<void(SSL*)>(deleter)) ,
513 m_log_fn(profile.lib().log()) ,
514 m_verbose(profile.lib().verbose()) ,
515 m_required_peer_certificate_name(required_peer_certificate_name)
517 m_ssl.reset( SSL_new(profile.p()) ) ;
518 if( m_ssl ==
nullptr )
519 throw Error(
"SSL_new" , ERR_get_error() ) ;
522 if( !target_peer_host_name.empty() )
523 SSL_set_tlsext_host_name( m_ssl.get() , target_peer_host_name.c_str() ) ;
526 SSL_set_ex_data( m_ssl.get() , profile.lib().index() ,
this ) ;
529GSsl::OpenSSL::ProtocolImp::~ProtocolImp()
532void GSsl::OpenSSL::ProtocolImp::deleter( SSL * p )
538void GSsl::OpenSSL::ProtocolImp::clearErrors()
542 Error::clearErrors() ;
545int GSsl::OpenSSL::ProtocolImp::error(
const char * op ,
int rc )
const
547 int e = SSL_get_error( m_ssl.get() , rc ) ;
548 logErrors( op , rc , e , Protocol::str(convert(e)) ) ;
552GSsl::Protocol::Result GSsl::OpenSSL::ProtocolImp::convert(
int e )
554 if( e == SSL_ERROR_WANT_READ )
return Protocol::Result::read ;
555 if( e == SSL_ERROR_WANT_WRITE )
return Protocol::Result::write ;
556 return Protocol::Result::error ;
561 set(
static_cast<int>(io.
fd()) ) ;
567 set(
static_cast<int>(io.
fd()) ) ;
571void GSsl::OpenSSL::ProtocolImp::set(
int fd )
575 int rc = SSL_set_fd( m_ssl.get() , fd ) ;
577 throw Error(
"SSL_set_fd" , ERR_get_error() ) ;
586 int rc = SSL_connect( m_ssl.get() ) ;
590 return Protocol::Result::ok ;
594 return convert(error(
"SSL_connect",rc)) ;
601 int rc = SSL_accept( m_ssl.get() ) ;
605 return Protocol::Result::ok ;
609 return convert(error(
"SSL_accept",rc)) ;
613void GSsl::OpenSSL::ProtocolImp::saveResult()
615 m_peer_certificate = Certificate(SSL_get_peer_certificate(m_ssl.get()),
true).str() ;
616 m_peer_certificate_chain = CertificateChain(SSL_get_peer_cert_chain(m_ssl.get())).str() ;
617 m_verified = !m_peer_certificate.empty() && SSL_get_verify_result(m_ssl.get()) == X509_V_OK ;
622 int rc = SSL_shutdown( m_ssl.get() ) ;
623 if( rc == 0 || rc == 1 )
624 return Protocol::Result::ok ;
626 return convert( rc ) ;
634 int buffer_size =
static_cast<int>(buffer_size_in) ;
635 int rc = SSL_read( m_ssl.get() , buffer , buffer_size ) ;
638 read_size =
static_cast<ssize_t
>(rc) ;
639 return SSL_pending(m_ssl.get()) ? Protocol::Result::more : Protocol::Result::ok ;
643 return convert(error(
"SSL_read",rc)) ;
651 int size =
static_cast<int>(size_in) ;
652 int rc = SSL_write( m_ssl.get() , buffer , size ) ;
655 size_out =
static_cast<ssize_t
>(rc) ;
656 return Protocol::Result::ok ;
660 return convert(error(
"SSL_write",rc)) ;
666 return m_peer_certificate ;
671 return m_peer_certificate_chain ;
676 const SSL_CIPHER * cipher = SSL_get_current_cipher(
const_cast<SSL*
>(m_ssl.get()) ) ;
677 const char * name = cipher ? SSL_CIPHER_get_name(cipher) : nullptr ;
683 const SSL_SESSION * session = SSL_get_session(
const_cast<SSL*
>(m_ssl.get()) ) ;
684 if( session ==
nullptr )
return {} ;
685 int v = SSL_SESSION_get_protocol_version( session ) ;
687 if( v == TLS1_VERSION )
return "TLSv1.0" ;
689 #ifdef TLS1_1_VERSION
690 if( v == TLS1_1_VERSION )
return "TLSv1.1" ;
692 #ifdef TLS1_2_VERSION
693 if( v == TLS1_2_VERSION )
return "TLSv1.2" ;
695 #ifdef TLS1_3_VERSION
696 if( v == TLS1_3_VERSION )
return "TLSv1.3" ;
698 if( v == 0x304 )
return "TLSv1.3" ;
708void GSsl::OpenSSL::ProtocolImp::logErrors(
const std::string & op ,
int rc ,
int e ,
const std::string & strerr )
const
710 if( m_log_fn !=
nullptr )
714 std::ostringstream ss ;
715 ss << op <<
": rc=" << rc <<
": error " << e <<
" => " << strerr ;
716 (*m_log_fn)( 1 , ss.str() ) ;
719 for(
int i = 2 ; i < 10000 ; i++ )
721 unsigned long ee = ERR_get_error() ;
722 if( ee == 0 ) break ;
723 Error eee( op , ee ) ;
724 (*m_log_fn)( 3 , std::string() + eee.what() ) ;
729std::string GSsl::OpenSSL::ProtocolImp::requiredPeerCertificateName()
const
731 return m_required_peer_certificate_name ;
736GSsl::OpenSSL::Error::Error(
const std::string & s ) :
737 std::runtime_error(
std::string(
"tls error: ").append(s) )
741GSsl::OpenSSL::Error::Error(
const std::string & fnname ,
unsigned long e ) :
742 std::runtime_error(
std::string(
"tls error: ").append(fnname).append(
"(): [").append(text(e)).append(1U,
']') )
747GSsl::OpenSSL::Error::Error(
const std::string & fnname ,
unsigned long e ,
const std::string & file ) :
748 std::runtime_error(
std::string(
"tls error: ").append(fnname).append(
"(): [").append(text(e)).append(
"]: file=[").append(file).append(1U,
']') )
753void GSsl::OpenSSL::Error::clearErrors()
755 for(
int i = 0 ; ERR_get_error() && i < 10000 ; i++ )
759std::string GSsl::OpenSSL::Error::text(
unsigned long e )
761 std::vector<char> v( 300 ) ;
762 ERR_error_string_n( e , v.data() , v.size() ) ;
763 std::string s( v.data() , v.size() ) ;
764 return std::string( s.c_str() ) ;
769GSsl::OpenSSL::CertificateChain::CertificateChain( STACK_OF(X509) * chain )
771 for(
int i = 0 ; chain !=
nullptr && i < sk_X509_num(chain) ; i++ )
773 void * p = sk_X509_value(chain,i) ;
if( p ==
nullptr ) break ;
774 X509 * x509 =
static_cast<X509*
>(p) ;
775 m_str.append( Certificate(x509,
false).str() ) ;
779std::string GSsl::OpenSSL::CertificateChain::str()
const
786GSsl::OpenSSL::Certificate::Certificate( X509 * x509 ,
bool do_free )
788 if( x509 ==
nullptr ) return ;
789 BIO * bio = BIO_new( BIO_s_mem() ) ;
790 if( bio ==
nullptr ) return ;
791 int rc = PEM_write_bio_X509( bio , x509 ) ;
792 if( !rc ) { BIO_free(bio) ; return ; }
793 BUF_MEM * mem = nullptr ;
794 BIO_get_mem_ptr( bio , &mem ) ;
795 std::size_t n = mem ?
static_cast<std::size_t
>(mem->length) : 0U ;
796 const char * p = mem ? mem->data : nullptr ;
797 std::string data = p&&n ? std::string(p,n) :
std::string() ;
799 if( do_free ) X509_free( x509 ) ;
808std::string GSsl::OpenSSL::Certificate::str()
const
816 m_noverify(consume(cfg,
"noverify"))
818 #if GCONFIG_HAVE_OPENSSL_TLS_METHOD
819 m_server_fn = TLS_server_method ;
820 m_client_fn = TLS_client_method ;
822 m_server_fn = SSLv23_server_method ;
823 m_client_fn = SSLv23_client_method ;
826 #if GCONFIG_HAVE_OPENSSL_MIN_MAX
829 if( consume(cfg,
"sslv3") ) m_min = SSL3_VERSION ;
830 if( consume(cfg,
"-sslv3") ) m_max = SSL3_VERSION ;
834 if( consume(cfg,
"tlsv1.0") ) m_min = TLS1_VERSION ;
835 if( consume(cfg,
"-tlsv1.0") ) m_max = TLS1_VERSION ;
838 #ifdef TLS1_1_VERSION
839 if( consume(cfg,
"tlsv1.1") ) m_min = TLS1_1_VERSION ;
840 if( consume(cfg,
"-tlsv1.1") ) m_max = TLS1_1_VERSION ;
843 #ifdef TLS1_2_VERSION
844 if( consume(cfg,
"tlsv1.2") ) m_min = TLS1_2_VERSION ;
845 if( consume(cfg,
"-tlsv1.2") ) m_max = TLS1_2_VERSION ;
848 #ifdef TLS1_3_VERSION
849 if( consume(cfg,
"tlsv1.3") ) m_min = TLS1_3_VERSION ;
850 if( consume(cfg,
"-tlsv1.3") ) m_max = TLS1_3_VERSION ;
856 if( consume(cfg,
"op_all") ) m_options_set |= SSL_OP_ALL ;
859 #ifdef SSL_OP_NO_TICKET
860 if( consume(cfg,
"op_no_ticket") ) m_options_set |= SSL_OP_NO_TICKET ;
863 #ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
864 if( consume(cfg,
"op_no_resumption") ) m_options_set |= SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION ;
867 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
868 if( consume(cfg,
"op_server_preference") ) m_options_set |= SSL_OP_CIPHER_SERVER_PREFERENCE ;
872bool GSsl::OpenSSL::Config::consume(
G::StringArray & list , std::string_view item )
874 return LibraryImp::consume( list , item ) ;
877GSsl::OpenSSL::Config::Fn GSsl::OpenSSL::Config::fn(
bool server )
879 return server ? m_server_fn : m_client_fn ;
882long GSsl::OpenSSL::Config::set()
const
884 return m_options_set ;
887long GSsl::OpenSSL::Config::reset()
const
889 return m_options_reset ;
892int GSsl::OpenSSL::Config::min_()
const
897int GSsl::OpenSSL::Config::max_()
const
902bool GSsl::OpenSSL::Config::noverify()
const
virtual std::string state()=0
Implements Digester::state().
virtual std::size_t blocksize() const noexcept=0
Implements Digester::blocksize().
virtual std::size_t statesize() const noexcept=0
Implements Digester::statesize().
virtual std::size_t valuesize() const noexcept=0
Implements Digester::valuesize().
virtual std::string value()=0
Implements Digester::value().
virtual void add(std::string_view)=0
Implements Digester::add().
A class for objects that can perform a cryptographic hash.
virtual bool hasProfile(const std::string &profile_name) const =0
Implements Library::hasProfile().
virtual const Profile & profile(const std::string &profile_name) const =0
Implements Library::profile().
virtual Digester digester(const std::string &, const std::string &, bool) const =0
Implements Library::digester().
virtual std::string id() const =0
Implements Library::id().
virtual G::StringArray digesters(bool) const =0
Implements Library::digesters().
virtual void addProfile(const std::string &, bool, const std::string &, const std::string &, const std::string &, const std::string &, const std::string &, const std::string &)=0
Implements Library::addProfile().
Holds protocol version information, etc.
A base interface for profile classes that work with concrete classes derived from GSsl::LibraryImpBas...
virtual std::unique_ptr< ProtocolImpBase > newProtocol(const std::string &, const std::string &) const =0
Factory method for a new Protocol object.
virtual bool verified() const =0
Implements Protocol::verified().
virtual std::string peerCertificate() const =0
Implements Protocol::peerCertificate().
virtual Protocol::Result connect(G::ReadWrite &)=0
Implements Protocol::connect().
virtual std::string cipher() const =0
Implements Protocol::cipher().
virtual Protocol::Result write(const char *, std::size_t, ssize_t &)=0
Implements Protocol::write().
virtual std::string protocol() const =0
Implements Protocol::protocol().
virtual Protocol::Result read(char *, std::size_t, ssize_t &)=0
Implements Protocol::read().
virtual std::string peerCertificateChain() const =0
Implements Protocol::peerCertificateChain().
virtual Protocol::Result accept(G::ReadWrite &)=0
Implements Protocol::accept().
virtual Protocol::Result shutdown()=0
Implements Protocol::shutdown().
static bool isDirectory(const Path &path, std::nothrow_t)
Returns true if the path exists() and is a directory.
static bool exists(const Path &file)
Returns true if the file (directory, device etc.) exists.
static std::string encode(const uint_type *)
Returns the hash state as an N-character string of non-printing characters.
static void decode(const std::string &s, uint_type *values_out, size_type &size_out)
Converts an encode()d string back into a hash state of N/4 integers and a data size returned by refer...
A Path object represents a file system path.
std::string basename() const
Returns the rightmost part of the path, ignoring "." parts.
static Path exe()
Returns the absolute path of the current executable, independent of the argv array passed to main().
An abstract interface for reading and writing from a non-blocking i/o channel.
virtual SOCKET fd() const noexcept=0
Returns the file descriptor.
A class which acquires the process's special privileges on construction and releases them on destruct...
static void splitIntoTokens(const std::string &in, StringArray &out, std::string_view ws, char esc='\0')
Splits the string into 'ws'-delimited tokens.
static std::string join(std::string_view sep, const StringArray &strings)
Concatenates an array of strings with separators.
static std::string unique(const std::string &s, char c, char r)
Returns a string with repeated 'c' characters replaced by one 'r' character.
static std::string fromInt(int i)
Converts int 'i' to a string.
static std::string printable(const std::string &in, char escape='\\')
Returns a printable representation of the given input string, using chacter code ranges 0x20 to 0x7e ...
static unsigned int replaceAll(std::string &s, std::string_view from, std::string_view to)
Does a global replace on string 's', replacing all occurrences of sub-string 'from' with 'to'.
An interface to an underlying TLS library.
std::vector< std::string > StringArray
A std::vector of std::strings.
const char * txt(const char *p) noexcept
A briefer alternative to G::gettext().